[Secure-testing-commits] r1391 - data/CAN
Joey Hess
joeyh@costa.debian.org
Thu, 14 Jul 2005 14:53:33 +0000
Author: joeyh
Date: 2005-07-14 14:53:30 +0000 (Thu, 14 Jul 2005)
New Revision: 1391
Modified:
data/CAN/list
Log:
canified
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-07-14 14:51:28 UTC (rev 1390)
+++ data/CAN/list 2005-07-14 14:53:30 UTC (rev 1391)
@@ -92,7 +92,7 @@
CAN-2005-2215 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x ...)
NOTE: not-for-us (MediaWiki)
CAN-2005-2214 (apt-setup in Debian GNU/Linux installs the apt.conf file with insecure ...)
- TODO: check
+ - base-config (unfixed; bug #305142; low)
CAN-2005-2213 (Buffer overflow in the mms_interp_header function in mms.c in MMS ...)
TODO: check
CAN-2005-2212 (Backup Manager 0.5.8a creates an archive repository with world ...)
@@ -3515,8 +3515,6 @@
- mozilla-thunderbird (unfixed; bug #306893; low)
CAN-2005-XXXX [Directory traversal in unzoo]
- unzoo 4.4-4
-CAN-2005-XXXX [base-config: World readable config file might reveal password data]
- - base-config (unfixed; bug #305142; low)
CAN-2005-XXXX [Logging bypassing through SIGHUP in syslog-ng]
- syslog-ng 1.6.5-2.1
CAN-2005-XXXX [tracksballs: Missing checks for symlinks when writing to predictable file names]